#! /bin/bash
# System optimization script

export LANG=C
echo ............................
echo ..Edit By LeiJin_Thinkive...
echo System optimization script
echo TK_S_VERSION = 1.0.0-20210513
echo ............................

set -x;

# Link time
ln -s -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#echo "kernel.pid_max = 4194303" >> /etc/sysctl.conf
#echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
SELINUXSTATUS=`getenforce`
UNAME_I=`uname -i`
ULIMIT_U=`ulimit -u`
ULIMIT_N=`ulimit -n`
IS_ULIMIT=`cat /etc/profile|grep ulimit|wc -l`
ULIMIT_U_SUM=`cat /etc/security/limits.conf|grep -v ^#|grep nproc|wc -l`
ULIMIT_N_SUM=`cat /etc/security/limits.conf|grep -v ^#|grep nofile|wc -l`
IS_ULIMITS=`cat /etc/security/limits.d/20-nproc.conf|grep 4096|grep -v ^#|wc -l`
FS_MAX=`cat /proc/sys/fs/file-max`
IS_FS_MAX=`cat /etc/sysctl.conf|grep fs.file-max|wc -l`
WMEM_1=`cat /proc/sys/net/ipv4/tcp_wmem|awk '{print $1}'`
WMEM_2=`cat /proc/sys/net/ipv4/tcp_wmem|awk '{print $2}'`
WMEM_3=`cat /proc/sys/net/ipv4/tcp_wmem|awk '{print $3}'`
IS_WMEM=`cat /etc/sysctl.conf|grep wmem|wc -l`
RMEM_1=`cat /proc/sys/net/ipv4/tcp_rmem|awk '{print $1}'`
RMEM_2=`cat /proc/sys/net/ipv4/tcp_rmem|awk '{print $2}'`
RMEM_3=`cat /proc/sys/net/ipv4/tcp_rmem|awk '{print $3}'`
IS_RMEM=`cat /etc/sysctl.conf|grep rmem|wc -l`
IP_PORT_1=`cat /proc/sys/net/ipv4/ip_local_port_range|awk '{print $1}'`
IP_PORT_2=`cat /proc/sys/net/ipv4/ip_local_port_range|awk '{print $2}'`
IS_IP_PORT=`cat /etc/sysctl.conf|grep ip_local_port_range|wc -l`
TIMESTAMPS=`cat /proc/sys/net/ipv4/tcp_timestamps`
IS_TIMESTAMPS=`cat /etc/sysctl.conf|grep tcp_timestamps|wc -l`
REUSE=`cat /proc/sys/net/ipv4/tcp_tw_reuse`
IS_REUSE=`cat /etc/sysctl.conf|grep tcp_tw_reuse|wc -l`
RECYCLE=`cat /proc/sys/net/ipv4/tcp_tw_recycle`
IS_RECYCLE=`cat /etc/sysctl.conf|grep tcp_tw_recycle|wc -l`
TIMEOUT=`cat /proc/sys/net/ipv4/tcp_fin_timeout`
IS_TIMEOUT=`cat /etc/sysctl.conf|grep tcp_fin_timeout|wc -l`
SCALING=`cat /proc/sys/net/ipv4/tcp_window_scaling`
IS_SCALING=`cat /etc/sysctl.conf|grep tcp_window_scaling|wc -l`
SACK=`cat /proc/sys/net/ipv4/tcp_sack`
IS_SACK=`cat /etc/sysctl.conf|grep tcp_sack|wc -l`
somaxconn=`cat /proc/sys/net/core/somaxconn`
SOURCE='source /etc/profile'
swappiness=`cat /proc/sys/vm/swappiness`

# Check SELinux Status,and optimization
tcp_syncookies=`cat /etc/sysctl.conf| grep "net.ipv4.tcp_syncookies = 1"`
if [[ -z $tcp_syncookies ]]
 then
 echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
 echo -e "\033[tcp_syncookies\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "net.ipv4.tcp_syncookies = 1 ! \033[32mGood !!\033[0m"
fi


if [ $SELINUXSTATUS = 'Disabled' ];then
        echo -e "The SELinux is $SELINUXSTATUS ! \033[32mGood !!\033[0m"
else
        echo -e "The SELinux is $SELINUXSTATUS !"
        echo -e "The SELinux is ptimizing.........."
        sleep 1
        setenforce 0
        sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
        echo -e "\033[32mSELinux\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1



# Optimization firewalld

echo -e "firewalld is optimizing.........."
sleep 1
systemctl stop firewalld.service
systemctl disable firewalld.service
echo -e "\033[32mfirewalld\033[0m , Optimization \033[32mSuccess !!\033[0m"
echo " "
sleep 1


# Check limits.conf,and optimization
sed -i 's/root/*/' /etc/security/limits.d/20-nproc.conf
soft_nofile=`cat /etc/security/limits.conf | grep "* soft nofile 1048576"`
hard_nofile=`cat /etc/security/limits.conf | grep "* soft nofile 1048576"`
soft_nproc=`cat /etc/security/limits.conf | grep "* soft nproc 204800"`
hard_nproc=`cat /etc/security/limits.conf | grep "* hard nproc 204800"`
if [[ -z $soft_nofile ]]
 then
 echo "* soft nofile 1048576" >> /etc/security/limits.conf
 echo -e "\033[32msoft_nofile\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "soft_nofile---- $soft_nofile ! \033[32mGood !!\033[0m"
fi
echo " "
sleep 1
if [[ -z $hard_nofile ]]; then
 echo "* hard nofile 1048576" >> /etc/security/limits.conf
 echo -e "\033[32mhard_nofile\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "hard_nofile---- $hard_nofile ! \033[32mGood !!\033[0m"
fi
echo " "
sleep 1
if [[ -z $soft_nproc ]]
 then
 echo "* soft nproc 204800" >> /etc/security/limits.conf
 echo -e "\033[32msoft_nproc\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "soft_nproc---- $soft_nproc ! \033[32mGood !!\033[0m"
fi
echo " "
sleep 1
if [[ -z $hard_nproc ]]
 then
 echo "* hard nproc 204800" >> /etc/security/limits.conf
 echo -e "\033[32mhard_nproc\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "hard_nproc---- $hard_nproc ! \033[32mGood !!\033[0m"
fi
echo " "


sleep 1
DefaultLimitNOFILE=`cat /etc/systemd/system.conf | grep "DefaultLimitNOFILE=204800"`
if [[ -z $DefaultLimitNOFILE ]]
 then
 echo "DefaultLimitNOFILE=204800" >> /etc/systemd/system.conf
 echo -e "\033[32mDefaultLimitNOFILE\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "DefaultLimitNOFILE---- $DefaultLimitNOFILE ! \033[32mGood !!\033[0m"
fi
echo " "

sleep 1
DefaultLimitNPROC=`cat /etc/systemd/system.conf | grep "DefaultLimitNPROC=204800"`
if [[ -z $DefaultLimitNPROC ]]
 then
 echo "DefaultLimitNPROC=204800" >> /etc/systemd/system.conf
 echo -e "\033[32mDefaultLimitNPROC\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "DefaultLimitNPROC---- $DefaultLimitNPROC ! \033[32mGood !!\033[0m"
fi
systemctl daemon-reexec

echo " "
sleep 1
ulimit_n=`cat /etc/profile | grep "ulimit -n 1048576"`
if [[ -z $ulimit_n ]]
 then
 echo "ulimit -n 1048576" >> /etc/profile
 echo -e "\033[32ulimit_n\033[0m , Optimization \033[32mSuccess !!\033[0m"
 else
 echo -e "The ulimit_n----- $ulimit_n ! \033[32mGood !!\033[0m"
fi
echo " "
sleep 1

# Check sysctl.conf,and optimization
modprobe_bridge=`cat /etc/rc.local | grep "modprobe bridge"`
modprobe bridge
if [[ -z $modprobe_bridge ]]
 then
 echo "modprobe bridge" >> /etc/rc.local
 echo -e "\033[32mmodprobe bridge\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi


if [[ $FS_MAX = '1048576' ]];then
        echo -e "The fs.file-max is $FS_MAX ! \033[32mGood !!\033[0m"
else
        echo -e "max user processes is optimizing.........."
        if [[ $IS_FS_MAX = '0' ]];then
                echo "fs.file-max = 1048576" >> /etc/sysctl.conf
        else
                sed -i "s/$FS_MAX/1048576/g" /etc/sysctl.conf
        fi
        echo -e "\033[32mfs.file-max\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $RMEM_1 = '4096' ] && [ $RMEM_2 = '4096' ] && [ $RMEM_3 = '16777216' ];then
        echo -e "The net.ipv4.tcp_rmem is 4096 4096 16777216 ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_rmem is optimizing.........."
        if [ $IS_RMEM != '0' ];then
                sed -i "/rmem/d" /etc/sysctl.conf
        fi
        echo "net.ipv4.tcp_rmem = 4096 4096 16777216" >> /etc/sysctl.conf
        echo -e "\033[32mnet.ipv4.tcp_rmem\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $WMEM_1 = '4096' ] && [ $WMEM_2 = '4096' ] && [ $WMEM_3 = '16777216' ];then
        echo -e "The net.ipv4.tcp_wmem is 4096 4096 16777216 ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_wmem is optimizing.........."
        if [ $IS_WMEM != '0' ];then
                sed -i "/wmem/d" /etc/sysctl.conf
        fi
        echo "net.ipv4.tcp_wmem = 4096 4096 16777216" >> /etc/sysctl.conf
        echo -e "\033[32mnet.ipv4.tcp_wmem\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $IP_PORT_1 = '1024' ] && [ $IP_PORT_2 = '65535' ];then
        echo -e "The net.ipv4.ip_local_port_range is 1024 65535 ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.ip_local_port_range is optimizing.........."
        if [ $IS_IP_PORT != '0' ];then
                sed -i "/ip_local_port_range/d" /etc/sysctl.conf
        fi
        echo "net.ipv4.ip_local_port_range = 1024 65535" >> /etc/sysctl.conf
        echo -e "\033[32mnet.ipv4.ip_loacl_port_range\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $TIMESTAMPS = '1' ];then
        echo -e "The net.ipv4.tcp_timestamps is $TIMESTAMPS ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_timestamps is optimizing.........."
        if [ $IS_TIMESTAMPS = '0' ];then
                echo "net.ipv4.tcp_timestamps = 1" >> /etc/sysctl.conf
        else
                sed -i "s/$TIMESTAMPS/1/g" /etc/sysctl.conf
        fi
        echo -e "\033[32mnet.ipv4.tcp_timestamps\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $TIMEOUT = '30' ];then
        echo -e "The net.ipv4.tcp_fin_timeout is $TIMEOUT ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_fin_timeout is optimizing.........."
        if [ $IS_TIMEOUT = '0' ];then
                echo "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
        else
                sed -i "s/$TIMEOUT/30/g" /etc/sysctl.conf
        fi
        echo -e "\033[32mnet.ipv4.tcp_fin_timeout\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $REUSE = '1' ];then
        echo -e "The net.ipv4.tcp_tw_reuse is $REUSE ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_tw_reuse is optimizing.........."
        if [ $IS_REUSE = '0' ];then
                echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf
        else
                sed -i "s/$REUSE/1/g" /etc/sysctl.conf
        fi
        echo -e "\033[32mnet.ipv4.tcp_tw_reuse\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $RECYCLE = '0' ];then
        echo -e "The net.ipv4.tcp_tw_recycle is $RECYCLE ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_tw_recycle is optimizing.........."
        if [ $IS_RECYCLE = '0' ];then
                echo "net.ipv4.tcp_tw_recycle = 0" >> /etc/sysctl.conf
        else
                sed -i "s/$RECYCLE/1/g" /etc/sysctl.conf
        fi
        echo -e "\033[32mnet.ipv4.tcp_tw_recycle\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $SCALING = '1' ];then
        echo -e "The net.ipv4.tcp_window_scaling is $SCALING ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_window_scaling is optimizing.........."
        if [ $IS_SCALING = '0' ];then
                echo "net.ipv4.tcp_window_scaling = 1" >> /etc/sysctl.conf
        else
                sed -i "s/$SCALING/1/g" /etc/sysctl.conf
        fi
        echo -e "\033[32mnet.ipv4.tcp_window_scaling\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1

if [ $SACK = '1' ];then
        echo -e "The net.ipv4.tcp_sack is $SACK ! \033[32mGood !!\033[0m"
else
        echo -e "net.ipv4.tcp_sack is optimizing.........."
        if [ $IS_SACK = '0' ];then
                echo "net.ipv4.tcp_sack = 1" >> /etc/sysctl.conf
        else
                sed -i "s/$SACK/1/g" /etc/sysctl.conf
        fi
        echo -e "\033[32mnet.ipv4.tcp_sack\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1
if [ $somaxconn = '2048' ];then
        echo -e "The net.core.somaxconn is $somaxconn ! \033[32mGood !!\033[0m"
else
        echo -e "net.core.somaxconn is optimizing.........."
        echo "net.core.somaxconn = 2048" >> /etc/sysctl.conf
                echo 2048 > /proc/sys/net/core/somaxconn
        echo -e "\033[32mnet.core.somaxconn\033[0m , Optimization \033[32mSuccess !!\033[0m"
fi
echo " "
sleep 1
if [ $swappiness = '10' ];then
        echo -e "vm.swappiness is $swappiness ! \033[32mGood !!\033[0m"
else
        echo -e "vm.swappiness is optimizing.........."
        echo "vm.swappiness=10" >> /etc/sysctl.conf
                echo 10 > /proc/sys/vm/swappiness
        echo -e "\033[32mvm.swappiness=10\033[0m , Optimization \033[32mSuccess !!\033[0m"

fi
sysctl -p 1>/dev/null
echo -e "\033[32mIt is suggested to reserve the reserved port according to the actual situation of the system to prevent the port from being occupied！Add 'net.ipv4.ip_local_reserved_ports='at the end /etc/ sysctl.conf  ""\033[0m"
echo -e "\033[32mYou must execute script 'source /etc/profile'!\033[0m"
echo -e "\033[32mYou must restart this computer for the changes to take effect !\033[0m"
